<?php
	//Include database connection script
	include("../../include/class.connection.php");
	
	//Stat session
	session_start();
	
	$myusername=$_POST['username'];
	$mypassword=$_POST['password'];

	// To protect MySQL injection 
	$myusername = stripslashes($myusername);
	$mypassword = stripslashes($mypassword);
	$myusername = mysql_real_escape_string($myusername);
	$mypassword = mysql_real_escape_string($mypassword);

	$sql="SELECT users.*, usergroups.* FROM users, usergroups WHERE username='$myusername' and password='$mypassword' and user=usergroup_id";
	$result=mysql_query($sql);
	$row=mysql_fetch_array($result);

	// Mysql_num_row is counting table row
	$count=mysql_num_rows($result);

	if($count==1){
		@session_register("loggedIn");
		$_SESSION['userId']=$row[user_id];
		session_register("myusername");
		
		//Check user is proferor or student
		if($row['part'] == "Administrator")
		{
			header("Location: ../admin.php");
		}
	}
	else {
		echo "Wrong Username or Password";
	}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
</body>
</html>